Most Data Breaches Avoidable, Verizon Report Finds

By Nathan Eddy
Posted 2010-07-29

Breaches of electronic records last year involved more insider threats,
greater use of social engineering and the continued strong involvement of
organized criminal groups, according to communication giant Verizon's 2010 Data
Breach Investigations Report, in collaboration with the U.S. Secret Service. However,
the overall number of breaches investigated last year declined from the
previous year, "a promising" indication, the study said.

The report found most data breaches investigated were caused by external
sources: Sixty-nine percent of breaches resulted from these sources, while only
11 percent of breaches were linked to business partners. The study said
insiders caused 49 percent of breaches, which is an increase over previous
report findings, primarily due to an expanded dataset and the types of cases
studied by the Secret Service, Verizon said.

Many breaches involved privilege misuse, the report stated, with 48 percent of
breaches attributed to users who, for malicious purposes, abused their right to
access corporate information. An additional 40 percent of breaches were the
result of hacking, while 28 percent were due to social tactics and 14 percent
to physical attacks. The report said that, as in previous years, nearly all data
was breached from servers and online applications, with 85 percent of breaches
not considered highly difficult; 87 percent of victims had evidence of the
breach in their log files, yet missed it.

"The reduction in breaches is a positive sign that we are gaining some
ground in the fight against cybercrime," said Verizon Business' vice
president of technology and enterprise innovation, Peter Tippett. "As
we are able to share more information through the use of the VERIS security
research framework to gather comparative security data such as the caseload of
the Secret Service, we believe we will be even better equipped to arm
organizations with best practices, processes, tools and services that will
continue to make a difference."

Data breaches continue to occur, according to the report, within all types of
organizations. Financial services, hospitality and retail still make up the
"Big Three" of industries affected (33 percent, 23 percent and 15
percent, respectively) in the merged Verizon-Secret Service dataset, though
tech services edged out retail in Verizon's caseload. A growing percentage of
cases and a stunning 94 percent of all compromised records in 2009 were
attributable to financial services. More than half of the breaches investigated
by Verizon in 2009 occurred outside the United States, while the bulk of the
breaches investigated by the Secret Service occurred in the United States. The
report found no correlation
between an organization's size and its chances of suffering a data breach.

The 2010 report concluded that being prepared remains the best defense against
security breaches. "For the most part, organizations still remain sluggish
in detecting and responding to incidents. Most breaches (60 percent) continue
to be discovered by external parties and then only after a considerable amount
of time," the report concluded. "And while most victimized
organizations have evidence of a breach in their security logs, they often
overlook them due to a lack of staff, tools or processes."